Hello. I’m pretty new here. I just managed to get my Raspberry Pi setup at home to selfhost a simple website that will act as my portfolio for some art I do.

I’m using WordPress to make the content of the website, meaning it runs on Apache, MariaDB and MySQL in the background. It’s connected via port 80 since I don’t want to pay for SSL certificates to setup https. There will be no accounts or transactions happening on my website. I don’t have anything to manage my dynamic IP but I’ll figure that out later. I’ve deleted the default Pi user on the RPi.

Are there security issues I should address preemptively? I’m worried for instance that I am exposing my home network, making it easier for someone to breach into whatever is connected there.

Any tips on making sure my setup is secure?

  • i_am_not_a_robot
    link
    fedilink
    English
    arrow-up
    9
    ·
    7 days ago

    It may or may not be a concern to you, but if you are hosting it from your home then people will be able to determine your IP and rough physical location.

    If you’re on American cable internet and expecting a lot of traffic, your upload speed may become a problem.

    • PSoul•Lemmy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 days ago

      Your first point is a good point. I guess it’s ok for now if my rough location is accessible. It’s not like my art is worth anything.

      Regarding upload speed, yeah I know it could become an issue but since it’s just a portfolio website, I don’t expect more than a dozen visits a month.

      • WhyJiffie@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        7 days ago

        scraping bots are expected to visit it, nowadays more than in previous years. a few of them are search engines, but there’s a lot of scraping for AI training, both on text and image data.